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SYSTEM AND METHOD FOR INFORMATIONAL AND COMMERCIAL 
TRANSACTIONS VIA AN INFORMATION EXCHANGE NETWORK 

This application claims priority from U.S. Provisional Application No. 60/141,326, 
filed on June 28, 1999. 
Technical Field 

The present invention relates generally to a system and method of exchanging 
information and performing commercial transactions over information exchange networks, 
such as the Internet. More particularly, the invention relates to a system and method that 
allow an information exchange server to distribute, upon request of a consumer-user, 
information about the consumer-user to a third-party commercial provider during an 
informational or commercial transaction over an information exchange network. 

Background of the Invention 

Today, the nature of information exchange networks, such as the Internet, facilitates 
pervasive and ubiquitous access to and use of on-line services that includes informational and 
commercial transactions. Because economic efficiencies of on-line informational and 
commercial transactions is directly related to a commercial provider's ability to target 
consumer-users and the ability of the consumer-user to timely and effectively utilize an 
information exchange network, there is an increasing need to improve the seamless delivery 
of products and services on-line. 

Currently, commercial providers require consumer-users to directly register with each 
separate commercial provider with whom the consumer-user wishes to transact. 
Consequently, the consumer-user must repeatedly enter the same consumer information such 
as billing, payment and shipping information. 

Accordingly, there is a need for systems and methods that efficiently provide products 
and services over information exchange networks to a consumer-user while not requiring the 
consumer-user to repeatedly register the consumer-user's consumer information for every 
information or commercial transaction he or she conducts over a network. Additionally, 
there is a need for systems and methods that will timely provide a third-party commercial 
provider pertinent consumer-user information from a reliable central information exchange 
server. Even though the information exchange server provides the commercial provider with 
reliable consumer-user information, the information exchange server must still allow a 
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consumer-user to directly interface with the commercial provider of the desired goods, 
services and information. 

Currently, there are a handful of software programs and services that allow very 
limited consumer information storage and distribution, such as digital wallets. The use of 
these programs and services is constrained by limitations that include the lack of 
standardization, and varying consumer information requirements. 

Recently, new types of digital wallet formats have been proposed that store personal 
information on a user's personal computer where a browser plug-in can retrieve it and 
automatically populate an HTML form for submission to an Internet site that can understand 
the conventions used to name various specified data fields. 

Present Internet sites that maintain wallet information on behalf of their users settle 
the desired transactions themselves, but do not distribute the customer information to the 
suppler or distributor of the goods, services and information for settlement. 

Summary of the Invention 

The invention generally relates to systems and methods for providing highly efficient 
integrated interactions between information exchange servers, commercial providers and 
consumer-users during informational and commercial transactions. 

The information exchange server, along with the commercial provider, allows an 
organization to acquire day-to-day operational and long-term strategic resources that may 
enhance the value of the organization and help the organization in future endeavors. 

The information and services available directly from either the information exchange 
server or the commercial provider may include services and products for, by way of example, 
online publishing, instructional programs, sales and marketing information, financial 
planning resources, personnel management techniques, technology information, and 
hardware and software purchasing advice. 

In one embodiment of the invention, the interface between the consumer-user 
interface and a commercial provider via the information exchange server makes the 
commercial provider's Internet site appear to be "co-branded" with the information exchange 
server's site. For example, the consumer-user will see product offerings from the commercial 
provider while still maintaining the "look and feel" of the information exchange server site. 

"Co-branded" means that both the information exchange server and the commercial 
provider share the site and bring to it the market identification and consumer perception 
created by the display of identifying indicia, such as trademarks, the "look and feel" of the 
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site and the manner in which business is conducted. This co-branding allows a commercial 
provider to provide goods and services to consumer-users who are registered with the 
information exchange server. For example, the information exchange server might provide a 
catalog of the goods and services of commercial providers on the information exchange 
server's own Internet site. This allows a consumer-user to transact with a commercial 
provider by using the information exchange server as an intermediary. The information 
exchange server site will also allow a consumer-user to access a commercial provider directly 
by use of a hyperlink to the commercial provider's own Internet site. 

In another embodiment, the consumer-user may customize the interface with the 
information exchange server site to recall and display to the consumer-user's own 
specifications. For example, the consumer-user may customize the interface to only show the 
commercial provider with whom the consumer-user has transacted. Additionally, the 
consumer-user may provide specific information that is only to be provided to designated 
commercial providers. 

Therefore, the consumer-user does not need to register with commercial providers 
individually as the consumer-user interface may be customized so that it provides billing, 
payment or shipping information to commercial providers and self-authenticates such 
information. These information exchanges may be conducted transparently, i.e. 
automatically, or the exchanges may require the final approval of the consumer-user. 

In another embodiment, the information exchange server may provide a single 
integrated statement of all goods and services purchased by a consumer-user at all of the 
commercial provider sites in which transactions were initiated and consummated. 

In other embodiments, the invention provides process flows, messages, data 
definition, authentication, and security methods that are used during information exchanges. 

The invention may be a general interface for any commercial provider who provides 
goods and services but relies on an information exchange server to provide consumer 
information about the consumer-user. 

In another embodiment, the invention provides a general interface for any commercial 
provider of information and services that do not require direct customer billing. 

The invention applies not only to tangible goods, but also to services, computer- 
readable information and electronic information. 

The above, and other objects, features and advantages of the present invention will 
become readily apparent from the following detailed description thereof which is to be read 
in connection with the accompanying drawings 
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Description of the Drawings 

Figure 1 is a block diagram illustrating the flow of information between the 
information exchange server, commercial provider and the consumer-user. 

Figure 2 is a block diagram illustrating the exchange of information between 
information exchange server and commercial provider in accordance with the present 
invention. 

Figure 3 is a block diagram illustrating the overall logical architecture of the present 
invention. 

Figure 4 is a block diagram illustrating the classes of messaging that can be created 
and sent by the commercial provider. 

Detailed Description of the Invention 

The invention provides systems and methods that utilize an information exchange 
network to secure the acquisition of consumer-user information and information concerning 
commercial providers and their goods and services. The following descriptions refer to one 
information exchange server, commercial provider, and consumer-user, but it should be 
understood that the invention includes multiple information exchange servers, commercial 
providers, and consumer-users. 

Figure 1 illustrates the interaction between the information exchange server 10, 
commercial provider 12 and the consumer user 14. The invention provides a system and 
method for the systematic and secure interaction between an information exchange server 10 
and a commercial provider 12 , thereby permitting a consumer-user 14 to register with the 
information exchange server 10 or with the commercial provider 12 by way of redirection 
from the information exchange server 10. More particularly, the invention allows a 
consumer-user 14 to obtain products, services and information from either the information 
exchange server 10 or the commercial provider 12. The present invention also allows the 
exchange of a consumer-user* s consumer information 15 between the information exchange 
server 10 and commercial provider 12. 

Upon the request of a consumer-user 14, an information exchange server 10 may 
provide the consumer-user's information 15 to a commercial provider 12 through an 
information exchange network 16, such as the Internet. The consumer-user 14 may provide 
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additional information to the commercial provider 12 directly or the consumer-user 14 may 
provide the additional information by using the information exchange server 10. The 
commercial provider 12 may return purchase and status information 17 to the information 
exchange server 10 during the purchase or registration information exchange or the 
commercial provider 12 may return the information 17 to the information exchange server 10 
asynchronously from the purchase or registration information exchange. 

The invention allows an information exchange server 10 to facilitate the informational 
and commercial transaction between a consumer-user 14 and a commercial provider 12 over 
an information exchange network 16. The informational and commercial transaction may 
include informational searches and requests concerning a commercial provider 12 and the 
commercial provider's 12 goods and services. The informational and commercial transaction 
may also include the acquisition of goods and services of a commercial provider 12. 

The invention allows an information exchange server 10 to act as a central repository 
of consumer-user profiles. The consumer-user profiles may contain consumer information 15 
pertinent to the purchase and delivery of goods and services such as billing and shipping 
information. The information exchange server 10 may communicate with a commercial 
provider 12 and exchange consumer information 15 with the commercial provider 12. This 
communication and exchange of information 15 may be conducted over a secure or encrypted 
information exchange network 16 connection such as a secure Internet connection. 

The invention may also provide simultaneous and contemporaneous communication 
and exchange of information between (1) an information exchange server 10 and multiple 
commercial providers, or (2) multiple information exchange servers and a commercial 
provider 12, or (3) multiple information exchange servers and multiple commercial providers. 
The invention also allows contemporaneous and simultaneous informational and commercial 
transactions between (1) a consumer-user 14 and multiple commercial providers or multiple 
information exchange servers, (2) multiple consumer-users and a commercial provider 12 or 
an information exchange server 10, or (3) multiple consumer-users and multiple commercial 
providers or multiple information exchange servers. 

Accordingly, the invention allows an information exchange server 10 to act as a 
"trading center" where commercial providers and consumer-users may exchange and obtain 
information concerning products, services, consumer profiles, and other information related 
to business methods and practices. Additionally, the invention allows the information 
exchange server 10 to function as a "gatekeeper" of such information. In particular, the 
information exchange server 10 may act as the gatekeeper of information where control or 
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regulation of information distribution is desired. For example, one may desire that the 
distribution of consumer information 15 only be provided to a commercial provider 12 as 
authorized by a consumer-user 14. Also, an information exchange server 10 may wish to 
guarantee that the product and service information it provides is accurate and reliable and not 
misleading. 

The invention allows small and medium sized commercial providers to perform as 
large businesses, while also allowing large commercial providers to function more efficiently 
with greater commercial range and capability by utilizing the business tools, techniques and 
information provided by the information exchange server 10. Such tools, techniques and 
information establishes and maintains a commercial provider's 12 access to relevant general 
and industry specific information. Therefore, the invention provides an interactive 
environment in which a commercial provider 12 may communicate with and learn from other 
commercial providers, information exchange servers and consumer-users. 

The present invention also provides a means of performing purchasing transactions 
and a means of requesting and establishing consumer-user 14 registration with an information 
exchange server 10. 

The commercial providers and consumer-users may be organizations or private 
individuals. The commercial providers and consumer-users may have professional or non- 
professional objectives for utilizing the information exchange server 10. The commercial 
providers and consumer-users may include corporate business analysts and managers and the 
objectives may include the procurement of marketing information and recreational products. 

The invention may also be used as a platform for educational and online forums 
where a consumer-user 14 can network and educate themselves by accessing and tailoring the 
platform for highly focused and efficient exchange of information. 

The invention provides highly personalized, relevant and in-depth industrial sector 
specific information and resources, such as trade publications, reference materials, expert 
analyses, contemporaneously occurring news stories, "how to" tutorials, and entertainment. 

In linking and ostensibly integrating the commercial provider 12 with the information 
exchange server 10 through a common consumer-user interface 18 housed locally with the 
consumer-user 14, consumer-user 14 can search and retrieve novel, as well as archived, 
information, in addition to user friendly access to products and services. The invention 
provides consumer-user 14 with the ability to effectively integrate the available resources into 
business, as well as personal use. Professional utilization will allow direct access to such 
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resources as communication, educational, office equipment, recruiting services, computer 
resources, etc. 

The invention provides a platform for complex "intelligent" consumer-user searches 
for information, products and services made available by the method and system of the 
present invention. The resources made accessible by the present invention are broadly 
defined to include, but not be limited to, all information ordinarily obtainable from a generic 
Internet web site. The invention provides a unique functionality that allows a consumer-user 
14 to customize their customer-user interface 1 8 based upon their own unique search and 
retrieval experiences in a manner that allows them be more efficient in there acquisition and 
use of available resources. For, example a consumer-user 14 can customize the consumer- 
user interface 18, e.g., computer "desktop" configured to automatically display most often 
used local and server-based system resources. The commercial provider 12 may also request 
additional information about the consumer-user in order to customize his or her service to the 
consumer-user. 

Information exchange server 10 will collect consumer information 15, e.g. billing and 
shipping information (consumer-user name, address, telephone, company name, company 
address, title), when the consumer-user 14 registers. Consumer-users 14 explicitly grant or 
deny to the information exchange server 10 the right to share this information 1 5 with 
commercial providers 12 through the information exchange server registration and profile 
management interface. 

Consumer-users 14 need not log-in or otherwise authenticate themselves to 
information exchange server 1 0 before following a link to a commercial provider 12 site. If 
the consumer-user 14 reaches the point of purchase, the commercial provider 12 site will ask 
them if they want to provide exchange server database information 15 (either basic 
consumer-user information or billing/shipping information.). 

A consumer-user 1 4 who does not wish to provide information 1 5 to information 
exchange server 10 will be able to register with the commercial provider 12 or use 
information stored by the commercial provider 12 only by leaving the co-branded portion of 
the site. At this point, commercial provider 12 does not share purchase or other information 
about the consumer-user 14 with the information exchange server 10. 

The information exchange server 10 may provide a catalog of services and 
information in the form of a navigable hierarchy of topics, sections, and services. However, 
the information exchange server 10 will generally not have a commercial provider's 12 
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catalog for purposes of shopping. All shopping for hard goods will take place on the 
commercial provider's 12 site. 

The commercial provider 12 will identify the consumer-user 14 by a unique 
consumer-user identifier number (ID) 20. This is a "hand-off' session identification ID 20. 
This ID 20 becomes associated, e.g., attached, with consumer-user information 15 utilized 
during a transmission session. Since this ID 20 may be in conflict with existing consumer- 
user ID's at the commercial provider 12 site, the commercial provider 12 may have to create 
an internal ID for the consumer-user 14. In this case, the consumer-user 14 will not be made 
aware of the existence of this internal ID. 

Products and actual consumer-user product shipping, including temporal status, 
information 17 is provided by from the commercial provider 12 site to the information 
exchange server 10 site. The information exchange server 10 sends confirmation to the 
commercial provider 12 site upon receipt of the status and change information 17. 

There are generally four types of exchanges of information between the information 
exchange server 10 and the commercial provider 12 . The exchanges include: 1) session 
connection with consumer identification number 20, 2) request for consumer information 22. 
3) consumer information 15, and 4) status and change information 17, as illustrated in Figure 
2. These exchanges, together with their processing at the information exchange server 10 and 
the commercial provider 12 site, determine the invention's process flows. 

The present invention provides for transmission technology that communicates with a 
general computer programmable language, such as JAVA. The invention's protocol also 
provides public key encryption in the form of Secure Sockets Layer (SSL). Thus, 
authentication and authorization is provided. 

Moreover, the registration aspect of the present invention provide a "secure back-end 
channel" to request 22 and exchange information 15 about a consumer-user 14. 

The invention passes personal and purchasing information 1 5 between the information 
exchange server 10 site and the commercial provider 12 site. More specifically, consumer- 
user registration information 15 is shared as preauthorized by the consumer-user 14 , both for 
transaction and registration aspects of the invention. This results in a seamless consumer- 
user 14 experience. 

When the consumer-user 14 desires to transfer to a commercial provider 12 site, he 
selects a link to a commercial provider 12 site. This link may appear in an ad, in a product 
review, or in other content on information exchange server 10. Information exchange server 
10 redirects the consumer-user 14 to the appropriate page on the commercial provider 12 site, 
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sending with the consumer-user a session ID 20 and consumer-user type. This consumer-user 
"type" comprises a registration level where the highest level is required to actually conduct a 
transaction, wherein other levels can acceptable for browsing. There are other types of data 
that accompany the consumer-user 14. For example, promotional data can be appended, e.g., 
"10% off today only", along with a return URL after the user's 14 visit is complete. The 
redirection page and the link to the commercial provider 12 must be in a Secure Sockets 
Layer (SSL) session in order to protect the session ID 20. The commercial provider 12 can 
request consumer information 1 5 at any time but should only request billing information 
when the consumer-user 14 indicates he wishes to purchase an item. The commercial 
provider 12 then uses a SSL connection to the information exchange server 10 in order to 
request registration and/or billing information 22. The request uses the session ID 20 as the 
key. The information exchange server 10 replies with the appropriate information 15 if the 
session is still valid. 

The authorization is significant from the standpoint whether or not, how and with 
what particular specificity, the consumer-user 14 has agreed to use the invention's resources 
for its purchase prior to the satisfaction of such request. 

In order to sustain the information exchange server 10 as the central repository of the 
customer's stored information 15, along with maintaining the private nature of such 
information 15, the commercial provider 12 must not cache billing, shipping, company or 
other information 15 provided by the information exchange server 10, unless authorized. 
Each time a commercial provider 12 accepts a purchase offer, the commercial provider 12 
must request billing information directly from the information exchange server 10. This is 
also necessary because the consumer-user 14 may frequently or infrequently change 
consumer information 15 that is stored at the information exchange server 10, particularly 
after a prior purchase. 

It should be noted that a consumer-user 14 can arrive at commercial provider 12 site 
having not obtained a session ID 20. This could happen if the consumer-user 14 bookmarks 
the co-branded site. In such situation, the commercial provider 12 will redirect anonymous 
consumer-user 14 who arrive at the co-branded site via a bookmark to information exchange 
server 10 for login or registration. Therefore, the commercial provider 12 can recognize this 
and, at the time of purchase, redirect the consumer-user 14 to the information exchange 
server 10 where the consumer-user 14 may login or register. For example, a servlet can be 
used that recognizes that the current user 14 session has no identification, such as by not 
seeing the existence of a prior appended URL, i.e., "cookie". 
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In these cases, the consumer-user 14 has several options. First, upon login to the 
information exchange server 10, the server 10 can re-direct the consumer-user 14 back to the 
commercial provider 12 with an indication 20 that the commercial provider 12 can now 
request consumer information 22. Second, the consumer-user 14 can enable the information 
exchange server 10 to share consumer information 15, i.e., a "billing flag." Then the 
information exchange server 10 automatically redirects the consumer-user 14 back to the 
commercial provider 12 site, sending this information 15 as a URL parameter. The 
commercial provider 12 can now request consumer-user information 22 and subsequently 
treat the consumer-user 14 as if he or she were logged in. Third, the consumer-user 14 can 
decline to provide consumer information 15 to the information exchange server 10. In this 
case the information exchange server 10 informs the consumer-user 14 that it cannot process 
his or her order. 

Some commercial providers 12 require an additional authentication before each 
purchase. In this case, the commercial provider 12 redirects the consumer-user 14 to the 
information exchange server 10 page where the consumer-user 14 logs in. The information 
exchange server 10 then redirects the consumer-user 14 to the commercial provider 12 page. 

When the consumer-user 14 completes a purchase, the commercial provider 12 uses 
the SSL connection to send a message containing purchasing information 24. Purchase 
information 24 can include item, quantity, and price information. If purchase information 24 
message is undeliverable, the commercial provider 12 will continue to retry at regular 
intervals until delivery is successful. 

If the commercial provider 12 has on-line access to delivery information 26 (e.g., 
carrier, waybill, and shipment status), it will send information 26 to the information exchange 
server 10 as asynchronous updates. The messages carrying information 26 will use the SSL 
channel. A single message may include more than one customer-user update. These update 
messages may arrive at any time and in any order. The information exchange server 10 will 
update customer account information to reflect the delivery status. 

In a preferred embodiment, the invention requires that the consumer-user 14 first 
maintain a connection and be registered with the information exchange server 10 site prior to 
establishing a connection to the commercial provider 12 site for the purposes of purchasing 
directly from the commercial provider 12 site. However, in another embodiment the 
consumer-user 14 can connect, initially directly to the commercial provider 12 site, however, 
upon the registration of a consumer-user's 14 request to make a purchase, the consumer-user 
14 will be interrogated to determine whether he is a pre-registered with the Information 
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exchange server 10 site. If the consumer-user 14 has been previously registered, the request 
to purchase will proceed with being satisfied in accordance with other objects of the 
invention. On the other hand, if the consumer-user 14 is not registered, he or she will be 
queried to determine if he would like to be a registered information exchange server 
consumer-user. If he or she so chooses, he or she will be automatically re-directed to the 
Information exchange server 10 to engage the registration process of the present invention. 

The information exchange server 1 0 site collects and various consumer-user 
information 15 such as demographic, purchasing and marketing information. Purchase 
information 24 can include products purchased, price, quantity, etc. Overall, the 
communications script protocol, such as XML allow the types of information to be added and 
modified with relative ease. The information server 10 site may also provide discounts and 
information on such discounts, which can obtained by consumer-users 14 and applied when 
purchasing from the commercial provider 12, such as purchase discounts. 

In another embodiment the information exchange server 10 does not act as a 
"reseller" of goods. Therefore, the information exchange server 10 provides the mechanism 
to allow the consumer-user 14 to seamlessly request and retrieve information, products and 
services from various commercial provider 12 sites, as opposed to entering into separate 
transactions, which generally requires a third party site to request consumer-user purchase 
information 24, such as credit account particulars. However, in another embodiment, the 
information exchange server 10 functions as a direct provider of information, goods and 
services. 

The commercial provider 12 has the ability to confirm that it can authenticate itself 
during a SSL session. The commercial provider 12 can track a consumer-user's 14 session as 
the consumer-user 14 goes back and forth between the commercial provider 12 and 
information exchange server 10. The result is that the consumer-user 14 sees the commercial 
provider 12 and information exchange server 10 as one site. 

Figure 3 illustrates a preferred embodiment of the present invention's logical 
architecture. This diagram shows the interconnection of the essential components of the 
system. In the diagram, consumer-user 14 interacts with the information exchange server 10. 
They register 28, log-in 30, and visit. Objects 32, 34, and 36 residing on the application 
server 38 processes almost all requests. A register object 32 takes the consumer-user 
information 15 and writes it to the profiles database 40. A Security object 34 authenticates 
the consumer-user 14 by consulting the Lightweight Directory Access Protocol (LDAP ) 
directory 42. The LDAP provides a means of using a file directory mechanism to store and 
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access data that is faster and easier to retrieve often used information than using a more 
conventional database. A standard API makes LDAP directory 42 accessible by commercial 
provider 12 and directory 42 is configured to be accessible via the public network or a private 
network such as an intranet. When a consumer-user 14 purchases information at the 
information exchange server 10, such as a document identified by the search engine, or a 
service such as Internet-based training 44, a shopping object 36 prepares the transaction. 
When the consumer-user 14 is ready to buy, the shopping object 36 invokes a purchase object 
46 on the commerce server 48. The purchase object 46 processes the credit card transaction 
and updates the consumer-user's account record in the accounts database 50. 

When a consumer-user 14 expresses interest in inspecting or purchasing goods 
supplied by a co-branded commercial provider 12, he or she follows a link to the commercial 
provider 12 site. Figure 3 portrays the commercial provider 12 with a similar technical 
architecture. The commercial provider 12 need only be able to establish a mutually 
authenticated SSL session with the information exchange server web server 52 and then 
communicate with the appropriate object there. The commercial provider 12 can then request 
billing information 22 when the consumer-user 14 says that they wish to make a purchase. In 
another embodiment of the invention the commercial provider 12 can also request registration 
information when the consumer-user 1 4 must authenticate himself or herself. Commercial 
provider 12 can also supply purchase information 24 and shipping information 26 to a co-buy 
object 54 on commerce server 48 when these become available. 

In one embodiment, and as stated previously, the communication between the 
commercial provider 12 and the information exchange server 10 can take place over an SSL 
session. For example, all communication may be 128-bit SSL3.0 using client and server 
authentication and 3DES encryption. The commercial provider 12 is the client and initiates 
the session as if it is a browser. Once the information exchange server 10 has authenticated 
the commercial provider 12, it will check authorization by reading the entry for the 
commercial provider 12 in its LDAP directory 42. If authorization fails, the information 
exchange server 10 will end the session. 

If authorization succeeds, the commercial provider 12 makes a request 22 and 
receives a response 15. The information exchange server 10 will process all messages that 
result in an update to its database independently. Thus, if it receives the same message 
multiple times, the processing results in no change to the database. The information 
exchange server 10 assumes that the commercial provider's 12 order number is unique. If a 
purchase order message arrives repeatedly, and the information exchange server 1 0 sees an 
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entry for this order number, it will not process the message but will reply that this is a 
duplicate. 

In another embodiment, the commercial provider 12 creates only a small number of 
SSL sessions (one may be sufficient) and has HTTP connections run within existing sessions. 

In another embodiment illustrated in Figure 1, all communication between the 
information exchange server 10, the commercial provider 12, and the consumer-user 14 can 
be via a standard HTTP (hypertext transfer protocol) or HTTPS (Secure Socket Layers, or 
SSL, for http), as necessary, to provide secure communications. The physical transport of 
information is by any medium that supports HTTP and HTTPS, such as the Internet or a 
dedicated virtual private network (VPN) or Tl connection between the parties. The 
consumer-user 14 needs only to have a standard Internet browser that supports SSL and a 
network connection, such as the Internet. The consumer-user interface 1 8 must locally house 
a browser that accepts prior URL destinations, i.e., "cookies". The information exchange 
server 12 accepts requests via its standard web listener via port 80 for HTTP or 443 for 
HTTPS connections. The commercial provider 12 does the same to receive the redirected 
requests from the consumer-user 14. The information exchange server 10 accepts requests 
and forwards them to the commercial provider 12 by initiating Java servlets that create the 
URL and parameter combination that is used to redirect the user to the commercial provider 
12. Subsequently, servlets on both the information exchange server 10 and the commercial 
provider servers 38, 48, and 52 build XML data packets and manage their transfer between 
each other. The XML parser is freely available software from many sources including IBM 
and the server-side SSL software is licensed from any of a number of third-party software 
providers. The servlets access the databases 40, 42, and 50, typically a SQL database such as 
that from Oracle. The servlets are managed by a JVM or Java Virtual Machine that are 
widely and often freely available. The servlets and database can run on IBM-compatible NT 
servers or Unix based machines such as the ones from Sun Computers. The system 
configuration for the commercial provider 12 is similar. The commercial provider 12 runs 
session management software on the web server 56 to facilitate the process, as does the 
information exchange server 10. 

The following describes several embodiments of the present invention implemented in 
by way of several computer programming language examples. 

The present invention can be implemented with any general programmable language, 
such as JAVA©, which is in the form of a package distribution. The Java package contains 
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Java classes and methods that are compiled into byte codes to be executed as servlets and 
loaded on demand by a server. This allows a consumer provider 12 to be able to add the 
invention's functionality to its server applications. 

The XML builders of the present invention are classes that build the information 
exchange server 10 XML client messages as a string. The handlers are classes that parse the 
commercial response messages. The connections are classes that manage the messaging 
duties of the commercial provider 12, converting XML documents from and into HTTP 
requests, and validating servers as part of the SSL handshake. In addition, the connections 
package enables batch transfer and deferred delivery of messages. The controllers are classes 
that communicate with the builders and handlers. The controller's function is to provide a 
simple high-level interface to a commercial provider's 12 application. It initiates the 
necessary objects so that the object methods can be easily called. The common package 
contains a set of common classes for managing exceptions, properties, and logging. 

A message is built through successive calls to methods in the appropriate builder 
class. There is one method for each major element. 

The application asks the controller to create a response handler for its message. The 
response handler parses the message and returns the element values as hash tables, where 
there is one hash table for each major element grouping. 

An application can write purchase response and update messages into a queue for 
subsequent transmission. The queue can also be used for the case where communications are 
temporarily interrupted. The queue manager stores XML messages in files. 

Figure 4 is a block diagram illustrating the classes of messaging that can be created 
and sent by the commercial provider. 

The class diagram below shows the information exchange server client classes and the 
principal methods of each class. 

The following sections describe messages (a.k.a. XML documents) in the sequence 
they follow when a consumer-user 14 makes a purchase. Messages have the format of XML 
documents contained within an HTTP message. DTD's for these documents will appear 
separately for each of these messages. 

An HTTP message of type text/xml carries the request and the response. In addition to 
the request-response messages, information exchange server 10 passes information to the 
commercial provider 12 as URL query parameters when the consumer-user 14 links to the 
commercial provider 12. Similarly, the commercial provider 12 passes information to 
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information exchange server 10 in the same manner when it requires that the consumer-user 
14 log in before purchasing goods. 

The Link message contains the following information. All fields are text. The 
message described in the table corresponds to a URL. 



Element 


Type 


Example 


Session ID 


Hexadecimal value 


ABCDEFO 123456789 


Date/Time 


Date-Time 


Jan 01 2001:00:00:00.01 


Consumer-user Type 


Character Flag 


A 


Return URL 


URL 


http ://www.information 
exchange 

server/supplies/fax/xeO 1 



The Consumer-user types are as follows. 



Flag 


Meaning 


A 


Not logged in 


B 


Logged in, able to share billing and registration information 


C 


Logged in, unable to share billing and registration information 


D 


Logged in, able to share registration information only 



In order to protect the session ID 20, the information exchange server 1 0 redirect and 
the commercial provider 12 URL to which the consumer-user 14 is redirected must be done 
over an SSL session. Once the consumer-user's session ID 20 has been recorded by the 
commercial provider 12, the consumer-user 14 can go back to an insecure session. 

The commercial provider 12 sends this message to information exchange server 10 
when it needs to retrieve consumer-user 14 registration information only, or registration, 
billing and shipping information. The commercial provider 12 sends the request over an SSL 
channel as an HTTP message. The message has the form of an HTTP message of type 
text/xml. The XML document contains the following information: 



Element 


Type 


Child of 


Example 


Message 


Element 


Document 




Message Type 


Text 


Message 


Req-R, Req-B 


Message Date 


Date-Time 


Message 


Jan 06 

2001:00:00:00.01 


Session 


Element 


Document 




Session ID 


Hexadecimal value 


Session 


ABCDEFO 123456789 


Date/Time 


Date-Time 


Session 


Jan 01 

2001:00:00:00.01 



15 



WO 01/01276 PCT/USOO/17682 

The response to a request for billing information 22 is an HTTP response containing 
an XML documents. The table below shows the contents of the XML document. Most fields 
are self-explanatory. The "Index" element under session is a value passed to information 
exchange server 10 with a request for a login from the commercial provider 12. By returning 
this value, the commercial provider 12 can determine that the consumer-user 14 has 
successfully authenticated himself at information exchange server 10 before returning to the 
commercial provider 12. 



Element 


Type 


Child of 


Example 


Message 


Element 


Document 




Message Type 


Text 


Message 


Resp-R, Resp-B 


Message Date 


Date-Time 


Message 


Jan 06 

2001:00:00:00.01 


Message Status 


Text 


Message 


"Success" 
"NoSession" 
"ServerError" 
"SessionExpired" 


Message Status 

Text 


Text 


Message 


"The Session ID did 
not match any known 
sessions" 


Session 


Element 


Document 




Session ID 


Hexadecimal value 


Session 


ABCDEF0 123456789 


Date/Time 


Date-Time 


Session 


Jan 01 

2001:00:00:00.01 


Consumer-user 

Type 


Character Flag 


Session 


A 


Promo 


Text 


Session 


"preferred" or "10%" 


Index 


Text 


Session 


AJIOJFONBL90 


Consumer-user 


Element 






Consumer-user ID 


Text 


Consumer-user 


Al 9480808 (Unique 
Consumer-user ID) 


Prefix 


Name 


Consumer-user 


Mr. 


Last Name 


Name 


Consumer-user 


Doe 


First Name 


Name 


Consumer-user 


John 


Middle Initial 


Name 


Consumer-user 


A. 


Suffix 


Name 


Consumer-user 


Jr. 


Credit Card (billing 
request only) 


Element 


Document 




Credit Card 
Number 


Number 


Credit Card 


5424174798071779 


Individual 
Identifier 


Number 


Credit Card 


4031 


Plastic Expiration 
Date 


Date 


Credit Card 


03/31/02 or /03/02 


Credit Card 


Name 


Credit Card 


John Doe 
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Individual Name 








Credit Card Street 


Street Address 


Credit Card 


24 Pleasant 9t 


Credit Card City 


City 


Credit Card 


Potsdam 


Credit Card State 


State 


Credit Card 


NY 


Credit Card Zip 


Zip code 


Credit Card 




Credit Card 
Country 


Country Code 


Credit Card 


US 


Shipping (billing 
request only) 


Element 


DncMirnpnt 




Address Line 1 


Address 


SriiTTninD" 

X IXLJIJ XX 1 g 


/Apdi uncni OD 


Address Line 2 


Address 


Shipping 


350 Fifth Ave 


Address Line 3 


Address 


Shipping 




City 


Address 


Shipping 


New York 


State 


State 


Shipping 


NY 


Zip 


Zip code 


Shipping 


10118 


Country 


Country 


Shipping 


US 











If the session has expired or there is no such session, the commercial provider 12 will 
treat the consumer-user 14 as if they had not yet logged in to the information exchange server 
10 and redirect the consumer-user 14 to the information exchange server login page 30. 

The commercial provider 12 sends this HTTP request message to information 
exchange server 10 when a consumer-user 14 completes a purchase or completes a change to 
an order (e.g. cancels a portion of the order.). 



Element 


Type 


Child of 


Example 


Message 


Element 


Document 




Message Type 


Text 


Message 


New or Cancel 


Message Date 


Date-Time 


Message 


Jan 06 

2001:00:00:00.01 


Session 


Element 


Document 




Session ID 


Hexadecimal value 


Session 


ABCDEF0123456789 


Date/Time 


Date-Time 


Session 


Jan 01 

2001:00:00:00.01 


Consumer-user 

Type 


Character Flag 


Session 


A 


Consumer-user 


Element 






Consumer-user ID 


Text 


Consumer-user 


A19480808 (Unique 
Consumer-user ID) 


Prefix 


Name 


Consumer-user 


Mr. 


Last Name 


Name 


Consumer-user 


Doe 


First Name 


Name 


Consumer-user 


John 


Middle Initial 


Name 


Consumer-user 


A. 


Suffix 


Name 


Consumer-user 


Jr. 


Order 


Element 
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Order Identifier 


Number 


Order 


A0384091 


Order Type Code 


Number 


Order 


A609 


Order Date 


Date 


Order 


Jan 01 

2001:00:00:00.01 


Order Status 


Text 


Order 


Received 


Order Amount 


Currency 


Order 


400.90 


Order Tax 


Currency 


Order 


32.05 


Order Shityninf? 


Currency 


Order 


28 03 


Shipping Method 


Text 


Order 


Surface Delivery 


Item* 


Plement 


Order 




Product Identifier 


Number 


Item 


908070808008 


Product Tvne 
Code 


Number 


Item 


4031 


Product Name 
Text 


Text 


Item 


Xerox Toner 


Product Retail 
Price Amount 


Currency 


Item 


18.30 


Product Quantity 


Number 


Item 


4 


Shipping Method 


Text 


Item 


Air 


Status 


Text 


Item 


Shipped 



The response to this message will be an HTTP message carrying an XML document. 
The table below describes the structure of this document. 



Element 


Type 


Child of 


Example 


Message 


Element 


Document 




Message Type 


Text 


Message 


New or Change 


Message Date 


Date-Time 


Message 


Jan 06 

2001:00:00:00.01 


Message Status 


Text 


Message 


"Success" 

"NoSession" 

"ServerError" 

"SessionExpired" 

"Duplicate Order 

Number" 


Message Status 

Text 


Text 


Message 


"The Session ID did 
not match any known 
sessions" 


Session 


Element 


Document 




Session ID 


Hexadecimal value 


Session 


ABCDEF0 123456789 


Date/Time 


Date-Time 


Session 


Jan 01 

2001:00:00:00.01 


Consumer-user 

Type 


Character Flag 


Session 


A 
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If the request fails, the commercial provider 12 will log the Purchase Information 
Message in an error log that the commercial provider 12 forwards to information exchange 
server 10. 

The commercial provider 12 sends this HTTP request message to information 
exchange server 10 when it updates the shipping status of an order 26. 



Element 


Type 


Child of 


Example 


Consumer-user 


Element 






Consumer-user ID 


Text 


Consumer- 
user 


Al 9480808 (TJniaue 
Consumer-user ID) 


Prefix 


Name 


Consumer- 
user 


Mr. 


Last Name 


Name 


Consumer- 
user 


Doe 


First Name 


Name 


Consumer- 
user 


John 


Middle Initial 


Name 


Consumer- 
user 


A. 


Suffix 


Name 


Consumer- 
user 


Jr. 


Order 


Element 


Document 




Order ID 


Text 


Order 


B09e00e0 


Date/Time 


Date-Time 


Order 


Jan 01 2001:00:00:00.01 


Order Status 


Text 


Order 


Complete 


Item * 


Element 






Product Identifier 


Text 


Item 




Status 


Text 


Item 


Shipped 



The request is an HTTP document containing an XML document. The table below 
describes this document. 



Element 


Type 


Child of 


Example 


Message 


Element 


Document 




Message Type 


Text 


Message 


New or Change 


Message Date 


Date-Time 


Message 


Jan 06 

2001:00:00:00.01 


Message Status 


Text 


Message 


"Success" "NoOrder" 

"ServerError" 

"NoConsumer-user" 


Message Status 

Text 


Text 


Message 


"The Order ID did not 
match any known 
orders" 


Session 


Element 


Document 




Session ID 


Hexadecimal value 


Session 


ABCDEF0123456789 
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Date/Time 


Date-Time 


Session 


Jan 01 

2001:00:00:00.01 


Consumer-user 

Type 


Character Flag 


Session 


A 



The commercial provider 12 sends this message if the customer 14 returns an item or 
receives a credit or refund. Support for this message is optional. If the commercial provider 
12 does not support the message, it must create a log file of credits that contains the 
information described in the following table: 



Element 


Type 


Child of 


Example 


Message 


Element 


Document 




Message Type 


Text 


Message 


Refund 


Message Date 


Date-Time 


Message 


Jan 06 

2001:00:00:00.01 


Session 


Element 


Document 




Session ID 


Hexadecimal value 


Session 


ABCDEF0123456789 


Date/Time 


Date-Time 


Session 


Jan 01 

2001:00:00:00.01 


Consumer-user 

Type 


Character Flag 


Session 


A 


Consumer-user 


Element 






Consumer-user ID 


Text 


Consumer-user 


A19480808 (Unique 
Consumer-user ID) 


Prefix 


Name 


Consumer-user 


Mr. 


Last Name 


Name 


Consumer-user 


Doe 


First Name 


Name 


Consumer-user 


John 


Middle Initial 


Name 


Consumer-user 


A. 


Suffix 


Name 


Consumer-user 


Jr. 


Order 


Element 






Order Identifier 


Number 


Order 


A0384091 


Order Type Code 


Number 


Order 


A609 


Order Date 


Date 


Order 


Jan 01 

2001:00:00:00.01 


Order Status 


Text 


Order 


Received 


Order Amount 


Currency 


Order 


400.90 


Order Tax 


Currency 


Order 


32.05 


Order Shipping 


Currency 


Order 


28.03 


Shipping Method 


Text 


Order 


Surface Delivery 


Order Refund 
Amount 


Currency 


Order 


120.50 


Tax Refund 
Amount 


Currency 


Order 


7.40 


Item* 


Element 


Order 




Product Identifier 


Number 


Item 


908070808008 


Product Type 


Number 


Item 


4031 
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Code 








Product Name 
Text 


Text 


Item 


Xerox Toner 


Product Retail 
Price Amount 


Currency 


Item 


18.30 


Product Quantity 


Number 


Item 


4 


Shipping Method 


Text 


Item 


Air 


Product Credit 
Amount 


Currency 


Item 


18.30 


Status 


Text 


Item 


Shipped 



The response to this message is similar to the response to a status update message 26. 



Element 


Type 


Child of 


Example 


Message 


Element 


Document 




Message Type 


Text 


Message 


Refund Reply 


Message Date 


Date-Time 


Message 


Jan 06 

2001:00:00:00.01 


Message Status 


Text 


Message 


"Success" "NoOrder" 

"ServerError" 

"NoConsumer-user" 


Message Status 

Text 


Text 


Message 


"The Order ID did not 
match any known 
orders" 


Session 


Element 


Document 




Session ID 


Hexadecimal value 


Session 


ABCDEF0 123456789 


Date/Time 


Date-Time 


Session 


Jan 01 

2001:00:00:00.01 


Consumer-user 

Type 


Character Flag 


Session 


A 



The commercial provider 12 uses a URL query string to inform the information 
exchange server 10 about the return URL when it redirects a consumer-user 14 to login 30. 
The query string the commercial provider 12 uses has the following parameters: 



Element 


Type 


Comments 


Session ID 


Hexadecimal value 


Original Session ID 
Information exchange server 
passed to commercial provider 


Date/Time 


Date-Time 


Current date/time 


Index 


Text String 


AJIOJFONBL90 


Return URL 


URL 


http://www.commercial 

provider.com/supplies/fax/xeO 

i?index=AJIOJFONBL90 
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The "index" element is an additional security feature. By returning this value with the 
Billing Information Message, the commercial provider 12 can determine that the consumer- 
user 14 has successfully authenticated himself at the information exchange server 10 before 
returning to the commercial provider 12. The invention supports the use of the index for 
commercial provider 12 whose policy is to require an additional authentication prior to each 
purchase. If provider 12 does not, the information exchange server 10 only returns billing 
information if the consumer-user 14 has successfully logged in the current session, so the 
index is not necessary. 

The following are examples of computer programmable code that can implement 
various aspects and embodiments of the present invention. 



The following is a specific example of a request message. 



<?xml version="l . 0 " encoding="UTF-8 " ?> 
<!DOCTYPE ORDER SYSTEM » reguestmessage . dtd" > 
<requestmessage messagetype = "A" 
year = "1999" 
month = "05" 
day = "09" 
hour = n 14" 
minute = "42" > 
<session year = "1999" 

month = "05" 
day = "09" 
hour = "12" 
minute = "58 "> 
<sessionid>A849J0RX</sessionid> 

</ session> 
< / re que s t me s s age > 

The following is a specific example of purchase information code. 

<?xml version= " 1 . 0" encoding="UTF-8 " ?> 
<!DOCTYPE ORDER SYSTEM "purchaseinf o . dtd" > 
<purchaseinf o> 

<message messagetype="purchase H year="1999 n Month=" Jun" Day="7" 
Hour="16" minute="ll"/> 

<session year="1999 ,! Month="Jun" Day="6" Hour="12" Minute="8" 
index = 

"A87f jbjk"/> 

<sessionid>A98f jd0 98 8 0djHOL</sessionid> 
<promo>10 percent < /promo > 
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< consume r - user > 

<consumer-userid>svaj j 02</consumer-userid> 
<pref ix>Mr . </pref ix> 
<last>Vaj jhala</last> 
<f ir st >Siva< /first > 

< /consumer-user > 
<order> 

<orderid>92 092 8708 0 928 098 0 9</orderid> 
<ordertype>cash</ordertype> 

<orderdate>09 Jun 1999 13 : 02 : 01</orderdate> 
<orderamount>15 . 3 9</orderamount> 
<ordercurrency>US</ordercurrency> 
<ordertax>2 . 14</ordertax> 
<ordershipping>3 . 80</ordershipping> 
<ordermethod>UPS</ordermethod> 

<ordertracking>8 9 0 83 0 980 98 098</ordertracking> 

<orderURL>http: //www. of f icemax. com/shipping</orderURL> 
</order> 

<item> 

<productid>80 980 98 09 8 0 983</productid> 
<produc ttype>st at ionery< /product type> 
<productname>Woven Envelopes</productname> 
<productprice>$8 . 50</productprice> 
<pr oduc t quant i t y > 3 0 0 < /product quant i t y > 
<productshipmentod>UPS</productshipmethod> 
<productstatus>ordered< /product status > 
</item> 
<item> 

<productid>873 6298 9873600</productid> 
<product type >paperclips< /product type > 
<productname>Deluxe Large</productname> 
<productprice>$6 . 89</productprice> 
<productquantity>3</productquantity> 
<productshipmentod>UPS</productshipmethod> 
<productstatus>ordered</productstatus> 
</item> 

<appdata> 

<note>Leave this order on the back porch</note> 
<dist center >Poughkeepsie</dist cent er> 
</appdata> 
/purchaseinf o> 

The following is a specific example of a purchase response. 
?xml version="i . 0" encoding="UTF-8 n ?> 

IDOCTYPE purchaseresponse SYSTEM "purchaseresponse . dtd" > 
purchaseresponse> 
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<message messagestatus= n nosession" messagetext="No session was 
found corresponding to the one submitted" year="1999" month= n " 
day= n 18" hour=" " minute="56"/> 

<session month="Jul" year="" day="05" hour="07" minute="ll n /> 
< / pur cha sere spons e > 



The following is a specific example of a bill response related to the order system. 



<!DOCTYPE billresponse [ 

<! --5/7/99 Added cardphone . Made many card fields optional. Filled 

- > 

<! --5/7/99 in messagetype and consumer-usertype- - > 
<! 5/10/99 Fixed syntax --> 

< (ELEMENT billresponse (message , session , consumer- 
user , carddata? , shipping? ) > 

< ! ELEMENT message (status, statustext?) > 
< ! ATTLIST message 



#REQUIRED 

year 
month 
day 
hour 
minute 
< ! ELEMENT status 
<! ELEMENT statustext 
<! ELEMENT session 
<! ATTLIST session 



messagetype (registration) credit) 

CDATA #REQUIRED 
CDATA #REQUIRED 
CDATA # RE QUI RED 
CDATA #REQUIRED 
CDATA #REQUIRED> 
(# PCDATA) > 
(# PCD ATA) > 
(sessionid, consumer-usertype, promo? ) 



month 

day 

hour 

minute 

index 
< ! ELEMENT sessionid 
< ! ELEMENT consumer -user type 
< ! ATTLIST consumer-usertype 



year CDATA #REQUIRED 

CDATA # REQUIRED 
CDATA # REQUIRED 
CDATA # REQUIRED 
CDATA #REQUIRED 
CDATA #REQUIRED> 
(# PCDATA) > 

EMPTY > 
type 



(unknown | nocard| noshare | card) "unknown" > 

< ! ELEMENT promo (# PCDATA) > 

<! ELEMENT consumer-user (consumer-userid, prefix?, last, first 
middle?, suffix?) > 

( # PCDATA) > 
(# PCD ATA) > 
(# PCDATA) > 
( # PCDATA) > 
(# PCDATA) > 
(# PCDATA) > 
{ cardno , cardid? , carddat e , cardname , 
cardstreenum? , cards treet? , 
cardstate? , cardzip? , cardcountry? ) > 



< ! ELEMENT consumer-userid 
< ! ELEMENT prefix 
<! ELEMENT last 
<! ELEMENT first 
< ! ELEMENT . middle 
<! ELEMENT suffix 
< ! ELEMENT carddata 
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ELEMENT 
ELEMENT 
ELEMENT 
ELEMENT 
ELEMENT 
ELEMENT 
ELEMENT 
ELEMENT 
ELEMENT 



cardno (# PCDATA) 

cardid (# PCDATA) 

carddate (# PCDATA) 

cardname (# PCDATA) 

cards treetnum (# PCDATA) 
cardstreet {# PCDATA) 
cardstate (# PCDATA) 
cardzip (# PCDATA) 

cardcountry {# PCDATA) 
cardphone { # PCDATA) > 



< ! ELEMENT 
< ! ELEMENT shipping 
(shipaddrl, shipaddr2?, shipaddr3?, shipcity, shipstate, 

shipzip, shipcountry? , shipphone?> 
shipaddrl (# PCDATA) 



ELEMENT 
ELEMENT 
ELEMENT 
ELEMENT 
ELEMENT 
ELEMENT 
ELEMENT 
ELEMENT 



shipaddr2 

shipaddr3 

shipcity 

shipstate 

shipzip 

shipcountry 

shipphone 



(# PCDATA) 
{# PCDATA) 
{# PCDATA) 
(# PCDATA) 
(# PCDATA) 
(# PCDATA) 
(# PCDATA) > 



]> 



The following is a specific example of a bill response. 



<?xml version="l. 0" encoding="UTF-8" ?> 
<!DOCTYPE ORDER SYSTEM "billresponse . dtd" > 
<billresponse> 

<message messagetype= "purchase" year="l99 9" Months "Jun" Day="7" 
Hour= f, 16" minute="ll n /> 

<session year="1999" Month=" Jun" Day="6" Hour="l2" Minute="8" 
index = 

"A87f jbjk"/> 

<sessionid>A98f jd098 8 0dj HOL</sessionid> 

<consumer-usertype>card</consumer-usertype> 
<promo>10 percent < /promo 
< consumer-user > 

<consumer-userid>svaj j 02</consumer-userid> 
<pref ix>Mr . </pref ix> 
<last>Vaj jhala</last> 
<f irst>Siva< /first > 
< /consumer -user > 
<carddata> 

<cardno>5424 18 0167844 93 2</cardno> 
<cardid>49 03</cardid> 
<carddate>03/31/00</carddate> 
<cardname>George S. Jones</cardname> 
<cardstreetnum>583</cardstreetnum> 
<cardstreet>Elm St . </cardstreet> 
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<cardcity>Union City</cardcity> 
< cards t ate >NJ< /cards t at e> 
<cardcountry>US</cardcountry> 
<cardzip>23102</cardzip> 
<cardphone>603 -292-2 92 9</cardphone> 
</carddata> 
<shipping> 

<shippaddrl>583 Elm St . <shippaddrl> 
<shipcity>Union City</shipcity> 
< ships t ate >NJ</ ships t ate > 
<shipzip>23102</shipzip> 
<shipcountry>US<shipcountry> 
<shipphone>603 -343 -4030</shipphone> 
</ shipping > 
< /b i 1 1 re spons e > 

Various preferred embodiments of the invention have now been described in 
fulfillment of the objects of the invention. While these embodiments have been set for the by 
way of example, various other embodiments and modifications will be apparent to those 
skilled in the art. Accordingly, it should be understood that the invention is not limited to 
such embodiment, but encompasses all that is described in the following claims. 
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CLAIMS 

What is claimed is: 

1 . A method of conducting a transaction over a network between a 
consumer-user and a commercial provider using an information exchange server 
including consumer information, comprising: 

processing a transaction over said network between said consumer-user and 
said commercial provider using said consumer information stored in said information 
exchange server, without registering said consumer information with said commercial 
provider. 

2. A method of managing online transactions between a consumer-user and a 
commercial provider over a distributed network, said method comprising: 

providing an online information exchange server; 

accessing the online information exchange server using a consumer-user 
device and selecting a commercial provider site from said online information 
exchange server; 

establishing a transaction session between said consumer-user device and said 
commercial provider site; 

providing consumer-user related information to said commercial provider site; 

and 

processing a consumer-user requested transaction relying on said consumer- 
user related information provided by said online information exchange server. 

3. The method as in claim 2, further comprising providing transaction related 
information to said online information exchange server. 
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4. The method as in claim 2, wherein said consumer-user related information 
comprises at least one of consumer-user payment related information, consumer-user 
identification, consumer-user authentication and shipping information. 

5. The method as in claim 2, further comprising registering with said online 
information exchange server said consumer-user related information. 

6. The method as in claim 5, wherein said online information exchange 
server provides said consumer-user related information upon commercial provider 
site requesting said consumer-user related information from said online information 
exchange server. 

7. The method as in claim 6, wherein said commercial provider site requests 
consumer-user related information after said consumer-user requested a transaction at 
said commercial provider site. 

8. The method as in claim 7, wherein said consumer-user registers with said 
online information exchange server said consumer-user related information upon 
request by said commercial provider site prior to processing a consumer-user 
requested transaction. 

9. The method as in claim 8, wherein said commercial provider site requests 
said consumer-user to register said consumer-user related information by directing 
said consumer-user back to said online information exchange server. 

10. The method as in claim 2, wherein said commercial provider manages 
fulfillment of said transaction processed directly with said consumer-user. 
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11. The method as in claim 2, wherein said distributed network is an Internet. 

12. The method as in claim 2, wherein said online transaction comprises at 
least one of a product and a service. 

13. The method as in claim 2, wherein said commercial provider offers said 
consumer-user a different cost for a transaction processed during a transaction session 
established via said online information exchange server as compared to a transaction 
session established without said online information exchange server. 

14. The method as in claim 13, wherein said commercial provider offers said 
consumer-user a reduced cost for said transaction processed during said transaction 
session established via said online information exchange server. 

15. The method as in claim 2, wherein said commercial provider site directs a 
prior consumer-user who was established via said online information exchange server 
to establish a transaction session via said online information exchange server if said 
prior consumer-user attempts to request a transaction by directly accessing said 
commercial provider site without first establishing a transaction session via said 
online information exchange server. 

16. A system for managing online transaction between a consumer- user and a 
commercial provider over a distributed network, comprising : 

a plurality of commercial provider sites communicating with said distributed 
network; 

an online information exchange server communicating with said distributed 
network; and 
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a consumer-user device communicating with said distributed network, said 
consumer-user device structured and configured to access said online information 
exchange server and select a commercial provider site from said online information 
exchange server, 

said online information exchange server structured and configured to establish 
a transaction session between said consumer-user device and said commercial 
provider site, and to provide consumer-user related information to said commercial 
provider site, and 

said commercial provider site structured and configured to process a 
consumer-user requested transaction relying on said consumer-user related 
information provided by said online information exchange server. 

17. A method for storing consumer information on a server and permitting a 
consumer-user to transact with a commercial provider over a distributed network, 
comprising: 

receiving consumer information from a consumer-user device over a 
distributed network; 

storing said consumer information on a server; 

permitting said consumer-user device to select a commercial provider using 
said server; 

establishing a transaction session between said consumer-user device and said 
commercial provider over said distributed network; and 

transmitting said consumer information to said commercial provider. 

18. A system for storing consumer information on a server and permitting a 
consumer-user to transact with a commercial provider over a distributed network, 
comprising: 

a server communicating with said distributed network; 
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a plurality of commercial providers communicating with said distributed 
network; and 

a consumer-user device communicating with said distributed network, said 
consumer-user device adapted to access said server and store consumer information 
on said server and to select a commercial provider site using said server, 

said server adapted to establish a transaction session between said consumer- 
user device and said commercial provider site, and to provide said consumer 
information to said commercial provider site, and 

said commercial provider site adapted to process a consumer-user requested 
transaction relying on said consumer information provided by said server. 

19. An online interface apparatus for managing online transactions between a 
consumer-user and a commercial provider, comprising: 

means for permitting access by said consumer-user via a consumer-user 
device to initiate a transaction session; 

means for linking said consumer-user to a selected commercial provider site; 

means for establishing a transaction session between said consumer-user 
device and said selected commercial provider site; and 

means for providing consumer-user related information to said selected 
commercial provider site for processing a consumer-user requested transaction. 

20. An apparatus for establishing a commercial provider site for providing 
online transactions to a consumer-user referred via an online information exchange 
server, comprising: 

means for responding to access by said consumer-user via a consumer-user 
device through a link established via said online information exchange server; 

means for permitting a transaction session to be established between said 
consumer-user device and said commercial provider site; 
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means for requesting consumer-user related information from said online 
information exchange server; and 

means for processing a consumer-user requested transaction relying on said 
consumer-user related information provided by said online information exchange 
server. 
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